OpenCVE

Filtered by vendor Xiebruce Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-44796	2 Picuploader Project, Xiebruce	2 Picuploader, Picuploader	2024-09-06	8 High
A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter.
CVE-2024-44794	2 Picuploader, Xiebruce	2 Commit, Picuploader	2024-09-05	6.1 Medium
A cross-site scripting (XSS) vulnerability in the component /master/auth/OnedriveRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter.

Page 1 of 1.